236 private static final class
237 DHEPossessionGenerator implements SSLPossessionGenerator {
238 // Flag to use smart ephemeral DH key which size matches the
239 // corresponding authentication key
240 private static final boolean useSmartEphemeralDHKeys;
241
242 // Flag to use legacy ephemeral DH key which size is 512 bits for
243 // exportable cipher suites, and 768 bits for others
244 private static final boolean useLegacyEphemeralDHKeys;
245
246 // The customized ephemeral DH key size for non-exportable
247 // cipher suites.
248 private static final int customizedDHKeySize;
249
250 // Is it for exportable cipher suite?
251 private final boolean exportable;
252
253 static {
254 String property = GetPropertyAction.privilegedGetProperty(
255 "jdk.tls.ephemeralDHKeySize");
256 if (property == null || property.length() == 0) {
257 useLegacyEphemeralDHKeys = false;
258 useSmartEphemeralDHKeys = false;
259 customizedDHKeySize = -1;
260 } else if ("matched".equals(property)) {
261 useLegacyEphemeralDHKeys = false;
262 useSmartEphemeralDHKeys = true;
263 customizedDHKeySize = -1;
264 } else if ("legacy".equals(property)) {
265 useLegacyEphemeralDHKeys = true;
266 useSmartEphemeralDHKeys = false;
267 customizedDHKeySize = -1;
268 } else {
269 useLegacyEphemeralDHKeys = false;
270 useSmartEphemeralDHKeys = false;
271
272 try {
273 // DH parameter generation can be extremely slow, best to
274 // use one of the supported pre-computed DH parameters
275 // (see DHCrypt class).
276 customizedDHKeySize = Integer.parseUnsignedInt(property);
|
236 private static final class
237 DHEPossessionGenerator implements SSLPossessionGenerator {
238 // Flag to use smart ephemeral DH key which size matches the
239 // corresponding authentication key
240 private static final boolean useSmartEphemeralDHKeys;
241
242 // Flag to use legacy ephemeral DH key which size is 512 bits for
243 // exportable cipher suites, and 768 bits for others
244 private static final boolean useLegacyEphemeralDHKeys;
245
246 // The customized ephemeral DH key size for non-exportable
247 // cipher suites.
248 private static final int customizedDHKeySize;
249
250 // Is it for exportable cipher suite?
251 private final boolean exportable;
252
253 static {
254 String property = GetPropertyAction.privilegedGetProperty(
255 "jdk.tls.ephemeralDHKeySize");
256 if (property == null || property.isEmpty()) {
257 useLegacyEphemeralDHKeys = false;
258 useSmartEphemeralDHKeys = false;
259 customizedDHKeySize = -1;
260 } else if ("matched".equals(property)) {
261 useLegacyEphemeralDHKeys = false;
262 useSmartEphemeralDHKeys = true;
263 customizedDHKeySize = -1;
264 } else if ("legacy".equals(property)) {
265 useLegacyEphemeralDHKeys = true;
266 useSmartEphemeralDHKeys = false;
267 customizedDHKeySize = -1;
268 } else {
269 useLegacyEphemeralDHKeys = false;
270 useSmartEphemeralDHKeys = false;
271
272 try {
273 // DH parameter generation can be extremely slow, best to
274 // use one of the supported pre-computed DH parameters
275 // (see DHCrypt class).
276 customizedDHKeySize = Integer.parseUnsignedInt(property);
|